ECE 382N: Security at the Hardware-Software Interface
Fall 2025
📍
EER 5.890
EER 5.652, for logistical questions
Course Overview
This course studies how secure computer systems are built, how they fail, and how attackers exploit the hardware-software boundary. The course is research-oriented: you will read papers, discuss attacks and defenses, and complete a term project.
Topics include:
- Side-channel attacks and defenses
- Transient-execution attacks and defenses
- Trusted-execution environments
- Sandboxing and isolation
- Memory safety techniques
- System-level attacks in AI systems
- Other emerging threats to computer systems
Prerequisites
- ECE 312: Software Design and Implementation I, or C programming skills
- ECE 460N: Computer Architecture
- ECE 461S: Operating Systems
- Some background in security is recommended
Course Requirements
Read
Before lectures, you will complete assigned readings and a mini quiz. After lectures, you will read an additional paper and submit a short conference-style review.
- Mini quizzes are due two hours before lecture.
- Paper reviews are due by Sunday of that week.
- For paper discussions, reviews are due one day before discussion.
Policy: You may skip one pre-lecture reading and mini quiz, and two paper reviews without grade penalty.
Participate
You are expected to attend class and participate in discussions. Questions are welcome during and after lecture. Pop quizzes may be given during lectures and count toward participation.
Policy: You may skip two lectures or discussions without grade penalty.
Present
You will present research papers and lead discussion during paper discussion sessions. Presentation guidelines will be discussed in class.
Research
You will conduct a term research project in system security. Both attack and defense projects are welcome. More details are available on the term project page.
Grading
There are no exams. The final grade is based on:
- 10%: Class participation, including discussion and pop quizzes
- 5%: Pre-lecture reading and mini quizzes
- 10%: Post-lecture reading and pre-discussion paper reviews
- 15%: Leading paper discussion
- 60%: Term project
- 3%: Project proposal
- 7%: Midpoint report
- 15%: Final presentation
- 35%: Final report
Other Course Policies
The university provides a Canvas page with policies and resources relevant to all courses. This course also has the following additional policies.
Use of AI Tools
Generative AI tools may be used to retrieve, organize, and clarify information. They may not be used to create original submitted content.
Allowed:
- Find and summarize related work
- Clarify a confusing concept, while checking for hallucination or fabrication
- Proofread your draft for grammar errors
Prohibited:
- Upload course readings or questions to AI tools to complete mini quizzes or paper reviews
- Ask AI tools to write the project proposal, checkpoint reports, or final report
Confirmed violations can result in receiving an F for this course.
Hacking Ethics & Legal Considerations
In this course, you will learn about vulnerabilities in computer systems. However, you must not attack other people’s computers, access systems without authorization, or misuse personal information. Doing so can lead to serious legal consequences.
Be especially careful with ethical and legal issues if your term project is attack-focused. When in doubt, contact the instructor.
A Notice of Academic Accommodations from Disability and Access (D&A)
If you are a student with a disability, or think you may have a disability, and need accommodations, please contact Disability and Access (D&A). You may refer to D&A’s website for contact and more information: http://disability.utexas.edu/.
If you are already registered with D&A, please deliver your accommodation letter as early as possible so we can discuss your approved accommodations.